Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity

run_pfs() and run_rc4() show each fixes

Browse Source 
When run_rc4() is run with the "--show-each" option, but without the "--wide" option, a list of all RC4 ciphers is printed, without any distinction between those that are supported by the server and those that are not. This is the same issue I noted in #332 for run_pfs().

In run_pfs(), the displayed output was corrected, but all ciphers were still being added to $pfs_ciphers, so the list of supported PFS ciphers sent to fileout() was incorrect.

This PR fixes both issues.
This commit is contained in:
David Cooper
2016-05-24 13:57:47 -04:00
parent 5a03e96304
commit e0c147ec86
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@@ -3679,7 +3679,7 @@ run_pfs() {
out "$pfs_cipher " out "$pfs_cipher "
fi fi
fi fi
pfs_ciphers+="$pfs_cipher " [[ $sclient_success -eq 0 ]] && pfs_ciphers+="$pfs_cipher "
debugme rm $tmpfile debugme rm $tmpfile
done < <($OPENSSL ciphers -V "$pfs_cipher_list" 2>$ERRFILE) # -V doesn't work with openssl < 1.0 done < <($OPENSSL ciphers -V "$pfs_cipher_list" 2>$ERRFILE) # -V doesn't work with openssl < 1.0
debugme echo $pfs_offered debugme echo $pfs_offered
@@ -5586,9 +5586,9 @@ run_rc4() {
fi fi
outln outln
else else
pr_svrty_high "$rc4_cipher " [[ $sclient_success -eq 0 ]] && pr_svrty_high "$rc4_cipher "
fi fi
rc4_detected+="$rc4_cipher " [[ $sclient_success -eq 0 ]] && rc4_detected+="$rc4_cipher "
done < <($OPENSSL ciphers -V $rc4_ciphers_list:@STRENGTH) done < <($OPENSSL ciphers -V $rc4_ciphers_list:@STRENGTH)
outln outln
"$WIDE" && pr_svrty_high "VULNERABLE (NOT ok)" "$WIDE" && pr_svrty_high "VULNERABLE (NOT ok)"